Systems and methods for access control using multi-factor validation

ABSTRACT

Aspects of the present disclosure provide systems and methods for access control using multi-factor validation. In an example, an access control system is designed to be used in conjunction with a first recognition system, such as facial recognition system, a gait recognition system, or audio recognition system, that uses a confidence level to determine whether individuals are authorized to access a restricted area. When the first recognition system is unable to confidently identify the individual, a second recognition system, such as a mobile device system or access card system, may be used to provide second factor verification. Further, stored recognition data may be updated to include information gathered by the first recognition system in response to use of the second factor verification.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application claims the benefit of U.S. Provisional Application Ser.No. 63/011,822, entitled “SYSTEMS AND METHODS FOR ACCESS CONTROL USINGMULTI-FACTOR VALIDATION” and filed on Apr. 17, 2020, which is expresslyincorporated by reference herein in its entirety.

TECHNICAL FIELD

The present disclosure generally relates to systems and methods foraccess control, in particular systems and methods for access controlusing multi-factor validation.

BACKGROUND

Access control systems are often used at public and private premises,such as households, commercial buildings, businesses, retailestablishments, schools, hospitals and government buildings, to list afew examples. Nodes for the access control systems may be installed ataccess points of the premises (e.g. front and interior doors of abuilding) to control access to restricted areas, such as the buildingitself or to areas within the buildings. The access control systems mayauthenticate (or authorizes) individuals using authentication systemsbased on confidence levels in recognizing whether the individuals areauthorized to access restricted areas. Some authentication systems, suchas facial recognition, audio recognition, or gait recognition, have alow confidence level because these authentication systems have adifficult time recognizing the individuals.

In view of the foregoing, there is a need to more efficiently and moresecurely control access to restricted areas.

SUMMARY

The following presents a simplified summary of one or moreimplementations of the present disclosure in order to provide a basicunderstanding of such implementations. This summary is not an extensiveoverview of all contemplated implementations, and is intended to neitheridentify key or critical elements of all implementations nor delineatethe scope of any or all implementations. The sole purpose of thissummary is to present some concepts of one or more implementations ofthe present disclosure in a simplified form as a prelude to the moredetailed description that is presented later.

In an aspects, a method for access control to restricted area isprovided. The method may include determining a confidence levelassociated with first recognition information from a first recognitionsystem is below a threshold, wherein the first recognition informationcorresponds to information on an identity of an individual attempting toaccess the restricted area. The method may also include receiving secondrecognition information from a second recognition system, different fromthe first recognition system, in response to determining the confidencelevel. The method may also include comparing the second recognitioninformation to stored recognition data. The method may also includetransmitting a signal to an access gate to provide access for theindividual to the restricted area in response to the second recognitioninformation matching the stored recognition data. denying the access forthe individual to the restricted area in response to the secondrecognition information not matching the stored recognition data.

In other implementations, the present disclosure may include systems anddevices to perform one or more of the actions described herein, andcomputer-readable medium storing instructions executable by a processorto perform one or more of the actions described herein.

Additional advantages and novel features relating to implementations ofthe present disclosure will be set forth in part in the description thatfollows, and in part will become more apparent to those skilled in theart upon examination of the following or upon learning by practicethereof.

DESCRIPTION OF THE FIGURES

The novel features believed to be characteristic of the disclosure areset forth in the appended claims. In the descriptions that follow, likeparts are marked throughout the specification and drawings with the samenumerals, respectively. The drawing figures are not necessarily drawn toscale and certain figures may be shown in exaggerated or generalizedform in the interest of clarity and conciseness. The disclosure itself,however, as well as a preferred mode of use, further objects andadvances thereof, will be best understood by reference to the followingdetailed description of illustrative aspects of the disclosure when readin conjunction with the accompanying drawings, wherein:

FIG. 1 illustrates a schematic view of an example operating environmentof an access control system, in accordance with aspects of the presentdisclosure;

FIG. 2 is a flowchart of an example method of operation of the accesscontrol system of FIG. 1, in accordance with aspects of the presentdisclosure;

FIG. 3 is a block diagram of an example of various hardware componentsand other features of a computer system that operate the access controlsystem of FIG. 1, in accordance with aspects of the present disclosure;and

FIG. 4 is a block diagram of various example system components thatimplement the access control system of FIG. 1, for use in accordancewith aspects of the present disclosure.

DETAILED DESCRIPTION

The detailed description set forth below in connection with the appendeddrawings is intended as a description of various configurations and isnot intended to represent the only configurations in which the conceptsdescribed herein may be practiced. The detailed description includesspecific details for the purpose of providing a thorough understandingof various concepts. However, it will be apparent to those skilled inthe art that these concepts may be practiced without these specificdetails. In some instances, well known components may be shown in blockdiagram form in order to avoid obscuring such concepts.

Aspects of the present disclosure provide systems and methods for accesscontrol using multi-factor validation. In an example, an access controlsystem is designed to be used in conjunction with a first recognitionsystem, such as facial recognition system, a gait recognition system, oraudio recognition system, that uses a confidence level to determinewhether individuals are authorized to access a restricted area. When thefirst recognition system is unable to confidently identify theindividual, e.g., when a confidence level is below a confidence levelthreshold, a second recognition system, such as a mobile device systemor access card system, may be used to provide second factorverification.

The systems and methods described herein may be used to update adatabase of the first recognition system by providing updatedauthentication information (e.g., updated facial images) of theindividual and also may be used as a safety measure to combat attemptsto defeat the first authentication system.

Turning now to the figures, example aspects are depicted with referenceto one or more components described herein, where components in dashedlines may be optional.

Referring to FIG. 1, an example access control system 100 is depicted.In an aspect, the access control system 100 may include a control system102 configured to control an access gate 110. The access gate 110 isconfigured to provide (or deny) entrance of an individual 105 into arestricted area such as a room, a building, or any other area whichrequires access control. The access gate 110 may include a mechanicalarm gate, a door, a touchless access gate, or any other access controlmechanism for providing access of the individual 105 into the restrictedarea. In an example, the access gate 110 may receive an access controlsignal 112 from the control system 102 configured to instruct the accessgate 110 to provide (or deny) access to the restricted area.

The access control system 100 may also include a first recognitionsystem 120 for monitoring the individual 105 when attempting to accessthe restricted area. In an example, the control system 102 may transmita first communication signal 121 to the first recognition system 120 toactivate the first recognition system 120 and/or request for firstrecognition information 123 from the first recognition system 120. Thefirst recognition system 120 may include one or more biometrictechnologies including, but not limited to, a facial recognitiontechnology, an audio recognition technology, a gait recognitiontechnology, or any other biometric technology having a low guarantee(e.g., less than 100%) of identifying the individual. In an example, thefirst recognition system 120 may use one or more of a camera 122 and/ora microphone 124 to generate the first recognition information 123, suchas image data or audio data of the individual 105, which providesinformation for verifying an identity of the individual 105. In anexample, the first recognition system 120 sends the first recognitioninformation 123 to the control system 102.

The access control system 100 may also include a second recognitionsystem 130 for providing multi-factor authentication of the individual105 attempting to access the restricted area. In an example, the controlsystem 102 may transmit a second communication signal 131 to the secondrecognition system 130 to activate the second recognition system 130and/or request for second recognition information 133 from the secondrecognition system 130. Examples of the second recognition system 130may include, but are not limited to, one or more of a mobile deviceverification system 132, a card reader system 134, or any otherrecognition technology resulting in a high guarantee (e.g. 100%) ofidentifying individuals attempting to access the restricted area. In anexample, the second recognition system 130 may generate secondrecognition information 133 including identifying information of anauthorized personnel. In an example, the second recognition system 130sends the second recognition information 133 to the control system 102.

In an aspect, the mobile device verification system 132 may include awireless communication device 140, such as an access point, configuredto wirelessly communicate with the mobile device 142. In an example, themobile device 142 may be a device previously registered to the accesscontrol system 100 by an authorized personnel. The mobile device 142 mayinclude an application configured to receive a notification (e.g., textnotification or push notification) containing instructions for theauthorized personnel to confirm or deny an attempt to enter therestricted area. In response to the notification, the mobile device 142may generate the second recognition information 133 which confirms (ordenies) the attempt to enter the restricted area. In an example, thenotification may request the individual 105 provide a special response(e.g., password), a finger print confirmation, or any other form ofconfirmation (or denial) of the authorized personnel. In anotherexample, the mobile device 142 may link with the wireless communicationdevice 140 through a local area network (LAN) technology, such as WiFi,which may provide confirmation that the mobile device 142 is within aproximity (e.g., building) of the access gate 110. In the mobile deviceverification system 132, the second recognition information 133 mayinclude, for example, one or more of an acknowledgment, the specialresponse, finger print data, or proximity information.

In another aspect, the card reader system 134 may include a card reader150 configured to communicate with access card 152. In an example, thecard reader 150 may transmit, through radio frequency, a second signalto determine a presence of the access card 152 at or near the accessgate 110. In the card reader system 134, the second recognitioninformation 133 may include information to confirm or deny the presenceof the access card 152.

In an aspect, the control system 102 includes a controller 10 configuredto control aspects of the control system 102, the access gate 110, thefirst recognition system 120, and the second recognition system 130. Thecontroller 10 may be communicatively coupled with a communicationcomponent 20 and a memory 30 of the control system 102.

The controller is configured to communicate with the access gate 110,the first recognition system 120, and the second recognition system 130via the communication component 20. For example, the controller 10controls the communication component 20 to transmit the access controlsignal 112 to the access gate 110 to provide or deny access to therestricted area. In another example, the controller 10 controls thecommunication component 20 to transmit the first communication signal121 to the first recognition system 120 and/or the second communicationsignal 131 to the second recognition system 130 to enable/disable thedevices corresponding to these systems. In an example, the controller 10receives via the communication component 20 the first recognitioninformation 123 and the second recognition information 133.

In an aspect, the controller 10 may include a comparator 12 configuredto compare the first recognition information 123 or the secondrecognition information 133 with stored recognition data 32 stored inthe memory 30. In an example, the stored recognition data 32 includesdata associated with authorized personnel including one or more offacial images for facial recognition, gait images for gait recognition,audio samples for audio recognition, passwords, identifications or phonenumbers of mobile devices (including mobile device 142), cardidentification number of access cards (including access card 152), orany other data for the recognition of the authorized personnel. In anexample, the comparator 12 may determine, based on comparing the data,whether the first recognition information 123 or the second recognitioninformation 133 matches with the stored recognition data 32.

In an aspect, the controller 10 may also include a confidence processor14 configured to determine a confidence level (e.g., percentage value)of the match between the first recognition information 123 and thestored recognition data 32. In an example, when the comparator 12determines a match between the first recognition information 123 and thestored recognition data 32, the confidence processor 14 may determinethe confidence level of the match to indicate a confidence in the match(e.g., 80% confidence). When the confidence level is greater than aconfidence threshold range 34 (e.g., 75%-95% confidence level), thecontroller 10 may provide access for the individual 105 to enter therestricted area by transmitting the access control signal 112 to theaccess gate 110. When the confidence level is less than the confidencethreshold range 34, the controller 10 may deny access for the individual105 to enter the restricted area.

When the confidence level is within the confidence threshold range 34,this may indicate to the controller 10 there are one or more potentialauthorized personnel that may match with the individual 105. Thecontroller 10 may then transmit the second communication signal 131 toenable the second recognition system 130 to authenticate the individual105 based on stored recognition data 32 corresponding to the one or morepotential authorized personnel. For example, the controller 10 maytransmit one or more text notifications or push notifications to mobiledevices associated with the one or more potential authorized personnelbased on the confidence level being within the confidence thresholdrange 34.

In some examples, the controller 10 may wait for the second recognitioninformation 133, which may include, for example, an acknowledgment suchas a password or a fingerprint reader from the mobile device 142,proximity information of the mobile device 142, a card identificationnumber from an access card 152. If acknowledgement is received from thesecond recognition system 130, the individual 105 is determined to bethe authorized personnel and provided access to the restricted area.Otherwise, access is denied to the individual 105 to the restrictedarea.

In some examples, the control system 102 may perform the multi-factorauthentication operations using both the first recognition system 120and the second recognition system 130 through a randomized selectionbasis to update stored recognition data 32. For example, once theindividual 105 is determined to be an authorized personnel via use ofthe second recognition system 130, the controller 10 may update thestored recognition data 32 including, for example, facial images, gaitimages, or voice samples of the individual 105 for use by the controller10 in further access control operations.

Referring to FIG. 2, an example method 200 of the operation of andinteractions between various modules of the access control system 100 isdisclosed. FIG. 1 may be referenced in combination with the flowchart ofFIG. 2. In an example, the example method 200 is implemented by one ormore of the control system 102, a computer system (e.g., computer system300 of FIG. 3), a processor (e.g., processor 304 of FIG. 3), and/or oneor more components/subcomponents.

At 202, the example method 200 optionally includes receiving firstrecognition information from a first recognition system. In an example,one or more of the control system 102, the computer system 300, theprocessor 304, and/or one or more components/subcomponents (e.g.,controller 10, communication component 20, or communication interface324 of FIG. 3) receive the first recognition information 123 from thefirst recognition system 120. The first recognition information 123 maycorrespond to information on an identity of the individual 105attempting to access the restricted area. The first recognitioninformation 123 may be received in response to a detection of theindividual attempting to pass the access gate 110 to enter therestricted area. The first recognition information 123 may include, forexample, image data or audio data of the individual 105 which can beused for facial recognition, gait recognition, or audio recognition. Thefirst recognition information 123 may be captured by one or more of thecamera 122 or the microphone 124 of the first recognition system 120.

At 204, the example method 200 also includes determining a confidencelevel associated with first recognition information is below athreshold. In an example, one or more of the control system 102, thecomputer system 300, the processor 304, and/or one or morecomponents/subcomponents (e.g., controller 10, comparator 12, orconfidence processor 14) determines a confidence level associated withthe first recognition information 123 is below a threshold. In anexample, the confidence level indicates a percentage value of a matchbetween the first recognition information 123 and the stored recognitiondata 32. As described herein, the stored recognition data 32 may includeone or more of image data or audio data associated with authorizedpersonnel to access the restricted area. In an example, the firstrecognition information 123 is compared to the stored recognition data32 and a confidence level is determined based on the comparison.

At 206, the example method 200 also includes receiving secondrecognition information from a second recognition system, different fromthe first recognition system, in response to determining the confidencelevel. In an example, one or more of the control system 102, thecomputer system 300, the processor 304, and/or one or morecomponents/subcomponents (e.g., controller 10, communication component20, or communication interface 324 of FIG. 3) receives the secondrecognition information 133 from the second recognition system 130,different from the first recognition system 120. The second recognitioninformation 133 may correspond to identifying information that providesa higher guarantee (e.g., 100%) the individual 105 is an authorizedpersonnel to enter the restricted area as compared to the firstrecognition information 123. In an example, the second recognitioninformation 133 includes an acknowledgment, a special response such as apassword, finger print data, proximity information of the mobile device142 associated with an authorized personnel, or access cardidentification information of the access card 152 associated with theauthorized personnel. In an example, the second recognition information133 may be received in response to the confidence level of the firstrecognition information 123 being below a confidence level (e.g., below95% confidence level of individual 105 is an authorized personnel) orwithin a confidence level range (e.g., 75-95% confidence level).

In an example, the example method 200 may also include determining alocation of a mobile device associated with an authorized personalestimated to correspond to the identity of the individual, wherein thesecond recognition information includes the location of the mobiledevice and the stored recognition data includes a location of therestricted area. In an example, one or more of the control system 102,the computer system 300, the processor 304, and/or one or morecomponents/subcomponents (e.g., controller 10, communication component20, or communication interface 324 of FIG. 3) determines a location ofthe mobile device 142 associated with an authorized personal estimatedto correspond to the identity of the individual 105. As describedherein, the control system 102 (or another system or component) mayestimate that one or more authorized personnel are estimated tocorrespond to the individual 105 based on a confidence level of theindividual 105 being at a threshold or within a threshold range.Accordingly, the control system 102 (or another system or component)communicate with the mobile device 142 registered to the one or moreauthorized personnel. For example, the second communication signal 131may ping the mobile device 142 to request a location of the mobiledevice 142 and/or the authorized personnel associated with the mobiledevice 142. Accordingly, in this example, the second recognitioninformation 133 may include the response to the request for the locationof the mobile device 142. Alternatively, the second recognitioninformation 133 may include information indicating the mobile device 142is connected to a LAN associated with an entrance of the restrictedarea. This may the individual 105 is the authorized personnel.

In an example, the example method 200 may also include transmitting anotification to a mobile device associated with an authorized personalestimated to correspond to the identity of the individual, wherein thesecond recognition information includes a response to the notificationreceived from the mobile device. In an example, one or more of thecontrol system 102, the computer system 300, the processor 304, and/orone or more components/subcomponents (e.g., controller 10, communicationcomponent 20, or communication interface 324 of FIG. 3) transmits anotification via the second communication signal 131 to the mobiledevice 142 associated with an authorized personal estimated tocorrespond to the identity of the individual 105. In this example, thesecond recognition information 133 includes a response to thenotification received from the mobile device 142. As described herein,the control system 102 (or another system or component) may estimatethat one or more authorized personnel are estimated to correspond to theindividual 105 based on a confidence level of the individual 105 beingat a threshold or within a threshold range.

In an example, the second recognition information further includes oneor more of an acknowledgment or denial of the notification, a specialresponse including a password, or a finger print confirmation.

In an example, the example method 200 may also include transmitting asecond signal to determine a presence of an access card at or near anentrance to the restricted area, wherein the second recognitioninformation includes a response to the second signal, and wherein theaccess card is associated with an authorized personal estimated tocorrespond to the identity of the individual. In an example, one or moreof the control system 102, the computer system 300, the processor 304,and/or one or more components/subcomponents (e.g., controller 10,communication component 20, or communication interface 324 of FIG. 3)transmits a signal (e.g., the second communication signal 131) todetermine a presence of an access card at or near an entrance to therestricted area. As described herein, the control system 102 (or anothersystem or component) may estimate that one or more authorized personnelare estimated to correspond to the individual 105 based on a confidencelevel of the individual 105 being at a threshold or within a thresholdrange.

At 208, the example method 200 also includes comparing the secondrecognition information to stored recognition data. In an example, oneor more of the control system 102, the computer system 300, theprocessor 304, and/or one or more components/subcomponents (e.g.,controller 10, comparator 12, or confidence processor 14) compares thesecond recognition information 133 to the stored recognition data 32. Asdescribed herein, the stored recognition data 32 may include one or moreof access card identification, finger print identification, password,and/or other data associated with authorized personnel to access therestricted area. In this example, comparison is performed to determinewhether the second recognition information 133 matches the storedrecognition data 32. As described herein, matching the secondrecognition information 133 to the stored recognition data 32 mayindicate a higher confidence (e.g., 100%) that the individual 105 is anauthorized personnel, as compared to matching the first recognitioninformation 123 to the stored recognition data 32.

At 210, the example method 200 also includes transmitting a signal to anaccess gate to provide access for the individual to the restricted areain response to the second recognition information matching the storedrecognition data. In an example, one or more of the control system 102,the computer system 300, the processor 304, and/or one or morecomponents/subcomponents (e.g., controller 10, communication component20, or communication interface 324 of FIG. 3) transmits the accesscontrol signal 112 to the access gate 110 to provide access for theindividual 105 to the restricted area in response to the secondrecognition information 133 matching the stored recognition data 32.

At 212, the example method 200 optionally includes updating the storedrecognition data to include image data or audio data of the firstrecognition information in response to the second recognitioninformation matching the stored recognition data. In an example, one ormore of the control system 102, the computer system 300, the processor304, and/or one or more components/subcomponents (e.g., controller 10)captures image data or audio data (via first recognition information123) updating the stored recognition data 32 to include image data oraudio data of the first recognition information 123 in response to thesecond recognition information 133 matching the stored recognition data32. In this example, the stored recognition data 32 may be updated forthe control system 102 (and/or other systems and components) to haveupdated information of the authorized personnel based on recent accessto the restricted area. In an example, the updating of the storedrecognition data 32 may be performed on a random bases.

At 214, the example method 200 also includes denying the access for theindividual to the restricted area in response to the second recognitioninformation not matching the stored recognition data. In an example, oneor more of the control system 102, the computer system 300, theprocessor 304, and/or one or more components/subcomponents (e.g.,controller 10, communication component 20, or communication interface324 of FIG. 3) denies access for the individual 105 to the restrictedarea in response to the second recognition information 133 not matchingthe stored recognition data 32 by not transmitting the access controlsignal 112 or, alternatively, may deny access by transmitting a denialsignal via the access control signal 112 to close the access gate 110.

Aspects of the present disclosure may be implemented using hardware,software, or a combination thereof and may be implemented in one or morecomputer systems or other processing systems. In one aspect, thedisclosure is directed toward one or more computer systems capable ofcarrying out the functionality described herein. FIG. 3 presents anexample system diagram of various hardware components and other featuresthat may be used in accordance with aspects of the present disclosure.Aspects of the present disclosure may be implemented using hardware,software, or a combination thereof and may be implemented in one or morecomputer systems or other processing systems. In one example variation,aspects of the disclosure are directed toward one or more computersystems capable of carrying out the functionality described herein. Anexample of such a computer system 300 is shown in FIG. 3. In an example,the computer system 300 may be an example of the control system 102,described herein.

The computer system 300 includes one or more processors, such as theprocessor 304. In an example, the processor 304 may be an example of thecontroller 10, described herein. The processor 304 is connected to thecommunication infrastructure 306 (e.g., a communications bus, cross-overbar, or network). Various software aspects are described in terms ofthis example computer system. After reading this description, it willbecome apparent to a person skilled in the relevant art(s) how toimplement aspects of the disclosure using other computer systems and/orarchitectures.

The processor 304, or any other “processor,” as used herein, processessignals and performs general computing and arithmetic functions. Signalsprocessed by the processor 304 may include digital signals, datasignals, computer instructions, processor instructions, messages, a bit,a bit stream, or other computing that may be received, transmittedand/or detected.

The communication infrastructure 306 refers to an interconnectedarchitecture that is operably connected to transfer data betweencomputer components within a singular or multiple systems. The bus maybe a memory bus, a memory controller, a peripheral bus, an external bus,a crossbar switch, and/or a local bus, among others. The bus may also bea bus that interconnects components inside a access control system usingprotocols, such as Controller Area network (CAN), Local InterconnectNetwork (LIN), Wiegand and Open Supervised Device Protocol (OSDP) amongothers.

Further, the connection between components of the computer system 300,or any other type of connection between computer-related componentsdescribed herein may be referred to an operable connection, and mayinclude a connection by which entities are operably connected, such thatsignals, physical communications, and/or logical communications may besent and/or received. An operable connection may include a physicalinterface, a data interface and/or an electrical interface.

The computer system 300 may include a display interface 302 thatforwards graphics, text, and other data from the communicationinfrastructure 306 (or from a frame buffer not shown) for display on adisplay unit 330. The computer system 300 also includes a main memory308, preferably random access memory (RAM), and may also include asecondary memory 310. The secondary memory 310 may include, for example,a hard disk drive 312 and/or a removable storage drive 314, representinga floppy disk drive, a magnetic tape drive, an optical disk drive, etc.In an example, the main memory 308 may be an example of the memory 30,described herein. The removable storage drive 314 reads from and/orwrites to a removable storage unit 318 in a well-known manner. Theremovable storage unit 318, represents a floppy disk, magnetic tape,optical disk, etc., which is read by and written to removable storagedrive 314. As will be appreciated, the removable storage unit 318includes a computer usable storage medium having stored therein computersoftware and/or data.

In alternative aspects, the secondary memory 310 may include othersimilar devices for allowing computer programs or other instructions tobe loaded into the computer system 300. Such devices may include, forexample, a removable storage unit 322 and an interface 320. Examples ofsuch may include a program cartridge and cartridge interface (such asthat found in video game devices), a removable memory chip (such as anerasable programmable read only memory (EPROM), or programmable readonly memory (PROM)) and associated socket, and other removable storageunits 322 and interfaces 320, which allow software and data to betransferred from the removable storage unit 322 to the computer system300.

It should be understood that a memory, as used herein may includevolatile memory and/or non-volatile memory. Non-volatile memory mayinclude, for example, ROM (read only memory), PROM (programmable readonly memory), EPROM (erasable PROM) and EEPROM (electrically erasablePROM). Volatile memory may include, for example, RAM (random accessmemory), synchronous RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM(SDRAM), double data rate SDRAM (DDR SDRAM), and/or direct RAM bus RAM(DRRAM).

The computer system 300 may also include a communications interface 324.In an example, the communication interface 324 may be an example of thecommunication component 20, described herein. The communicationsinterface 324 allows software and data to be transferred betweencomputer system 300 and external devices. Examples of the communicationsinterface 324 may include a modem, a network interface (such as anEthernet card), a communications port, a Personal Computer Memory CardInternational Association (PCMCIA) slot and card, etc. Software and datatransferred via the communications interface 324 are in the form ofsignals 328, which may be electronic, electromagnetic, optical or othersignals capable of being received by communications interface 324. Thesesignals 328 are provided to the communications interface 324 via acommunications path (e.g., channel) 326. This path 326 carries signals328 and may be implemented using wire or cable, fiber optics, atelephone line, a cellular link, a radio frequency (RF) link and/orother communications channels. In this document, the terms “computerprogram medium” and “computer usable medium” are used to refer generallyto media such as a removable storage drive 680, a hard disk installed inhard disk drive 670, and the signals 328. These computer programproducts provide software to the computer system 300. Aspects of thedisclosure are directed to such computer program products.

Computer programs (also referred to as computer control logic) arestored in the main memory 608 and/or the secondary memory 310. Computerprograms may also be received via the communications interface 324. Suchcomputer programs, when executed, enable the computer system 300 toperform various features in accordance with aspects of the presentdisclosure, as discussed herein. In particular, the computer programs,when executed, enable the processor 304 to perform such features.Accordingly, such computer programs represent controllers of thecomputer system 300.

In variations where aspects of the disclosure are implemented usingsoftware, the software may be stored in a computer program product andloaded into the computer system 300 using the removable storage drive314, the hard drive 312, or the communications interface 320. Thecontrol logic (software), when executed by the processor 304, causes theprocessor 304 to perform the functions in accordance with aspects of thedisclosure as described herein. In another variation, aspects areimplemented primarily in hardware using, for example, hardwarecomponents, such as application specific integrated circuits (ASICs).Implementation of the hardware state machine so as to perform thefunctions described herein will be apparent to persons skilled in therelevant art(s).

In yet another example variation, aspects of the disclosure areimplemented using a combination of both hardware and software.

FIG. 4 is a block diagram of various example system components that maybe used in accordance with aspects of the present disclosure. Forexample, the various components may be within the access control system100, or only some of the components may be within the access controlsystem 100, and other components may be remote from the access controlsystem 100. The system 400 includes one or more accessors 460, 462 (alsoreferred to interchangeably herein as one or more “users” or personsseeking to gain access to a location) and one or more terminals 442, 466(such terminals may be or include, for example, various features of thecontrol system 102). In one aspect, data for use in accordance withaspects of the present disclosure is, for example, input and/or accessedby accessors 460, 462 via terminals 442, 466, such as personal computers(PCs), minicomputers, mainframe computers, microcomputers, telephonicdevices, or wireless devices, such as personal digital assistants(“PDAs”) or a hand-held wireless devices coupled to a server 443, suchas a PC, minicomputer, mainframe computer, microcomputer, or otherdevice having a processor and a repository for data and/or connection toa repository for data, via, for example, a network 444, such as theInternet or an intranet, and couplings 445, 446, 464. The couplings 445,446, 464 include, for example, wired, wireless, or fiber optic links. Inanother example variation, the method and system in accordance withaspects of the present disclosure operate in a stand-alone environment,such as on a single terminal.

Additional Embodiments

An example method for access control to restricted area, comprising:determining a confidence level associated with first recognitioninformation from a first recognition system is below a threshold,wherein the first recognition information corresponds to information onan identity of an individual attempting to access the restricted area;receiving second recognition information from a second recognitionsystem, different from the first recognition system, in response todetermining the confidence level; comparing the second recognitioninformation to stored recognition data; transmitting a signal to anaccess gate to provide access for the individual to the restricted areain response to the second recognition information matching the storedrecognition data; and denying the access for the individual to therestricted area in response to the second recognition information notmatching the stored recognition data.

The above example method, wherein the first recognition system includesone or more of a facial recognition system, a gait recognition system,or an audio recognition system.

One or more of the above example methods, wherein the second recognitionsystem includes a mobile device verification system, and wherein themethod further comprises: determining a location of a mobile deviceassociated with an authorized personal estimated to correspond to theidentity of the individual, wherein the second recognition informationincludes the location of the mobile device and the stored recognitiondata includes a location of the restricted area.

One or more of the above example methods, wherein the second recognitionsystem includes a mobile device verification system, and wherein themethod further comprises: transmitting a notification to a mobile deviceassociated with an authorized personal estimated to correspond to theidentity of the individual, wherein the second recognition informationincludes a response to the notification received from the mobile device.

One or more of the above example methods, wherein the second recognitioninformation further includes one or more of an acknowledgment or denialof the notification, a special response including a password, or afinger print confirmation.

One or more of the above example methods, wherein the second recognitionsystem includes a card reader system, and wherein the method furthercomprises: transmitting a second signal to determine a presence of anaccess card at or near an entrance to the restricted area, wherein thesecond recognition information includes a response to the second signal,and wherein the access card is associated with an authorized personalestimated to correspond to the identity of the individual.

One or more of the above example methods, further comprising: updatingthe stored recognition data to include image data or audio data of thefirst recognition information in response to the second recognitioninformation matching the stored recognition data.

An example access control system for a restricted area, comprising: amemory storing instructions; and a processor coupled with the memory andconfigured to: determine a confidence level associated with firstrecognition information from a first recognition system is below athreshold, wherein the first recognition information corresponds toinformation on an identity of an individual attempting to access therestricted area; receive second recognition information from a secondrecognition system, different from the first recognition system, inresponse to determining the confidence level; compare the secondrecognition information to stored recognition data; transmit a signal toan access gate to provide access for the individual to the restrictedarea in response to the second recognition information matching thestored recognition data; and deny the access for the individual to therestricted area in response to the second recognition information notmatching the stored recognition data.

The above example access control system, wherein the first recognitionsystem includes one or more of a facial recognition system, a gaitrecognition system, or an audio recognition system.

One or more of the above example access control systems, wherein thesecond recognition system includes a mobile device verification system,and wherein the processor is further configured to: determine a locationof a mobile device associated with an authorized personal estimated tocorrespond to the identity of the individual, wherein the secondrecognition information includes the location of the mobile device andthe stored recognition data includes a location of the restricted area.

One or more of the above example access control systems, wherein thesecond recognition system includes a mobile device verification system,and wherein the processor is further configured to: transmit anotification to a mobile device associated with an authorized personalestimated to correspond to the identity of the individual, wherein thesecond recognition information includes a response to the notificationreceived from the mobile device.

One or more of the above example access control systems, wherein thesecond recognition information further includes one or more of anacknowledgment or denial of the notification, a special responseincluding a password, or a finger print confirmation.

One or more of the above example access control systems, wherein thesecond recognition system includes a card reader system, and wherein theprocessor is further configured to:

transmit a second signal to determine a presence of an access card at ornear an entrance to the restricted area, wherein the second recognitioninformation includes a response to the second signal, and wherein theaccess card is associated with an authorized personal estimated tocorrespond to the identity of the individual.

One or more of the above example access control systems, wherein theprocessor is further configured to: update the stored recognition datato include image data or audio data of the first recognition informationin response to the second recognition information matching the storedrecognition data.

An example computer-readable medium storing instructions executable by aprocessor, the instructions comprising code to: determine a confidencelevel associated with first recognition information from a firstrecognition system is below a threshold, wherein the first recognitioninformation corresponds to information on an identity of an individualattempting to access the restricted area; receive second recognitioninformation from a second recognition system, different from the firstrecognition system, in response to determining the confidence level;compare the second recognition information to stored recognition data;transmit a signal to an access gate to provide access for the individualto the restricted area in response to the second recognition informationmatching the stored recognition data; and deny the access for theindividual to the restricted area in response to the second recognitioninformation not matching the stored recognition data.

The above example computer-readable medium, wherein the firstrecognition system includes one or more of a facial recognition system,a gait recognition system, or an audio recognition system.

One or more of the above example computer-readable mediums, wherein thesecond recognition system includes a mobile device verification system,and the instructions further comprise code to: determine a location of amobile device associated with an authorized personal estimated tocorrespond to the identity of the individual, wherein the secondrecognition information includes the location of the mobile device andthe stored recognition data includes a location of the restricted area.

One or more of the above example computer-readable mediums, wherein thesecond recognition system includes a mobile device verification system,and the instructions further comprise code to: transmit a notificationto a mobile device associated with an authorized personal estimated tocorrespond to the identity of the individual, wherein the secondrecognition information includes a response to the notification receivedfrom the mobile device.

One or more of the above example computer-readable mediums, wherein thesecond recognition information further includes one or more of anacknowledgment or denial of the notification, a special responseincluding a password, or a finger print confirmation.

One or more of the above example computer-readable mediums, wherein thesecond recognition system includes a card reader system, and theinstructions further comprise code to: transmit a second signal todetermine a presence of an access card at or near an entrance to therestricted area, wherein the second recognition information includes aresponse to the second signal, and wherein the access card is associatedwith an authorized personal estimated to correspond to the identity ofthe individual.

One or more of the above example computer-readable mediums, wherein theinstructions further comprise code to: update the stored recognitiondata to include image data or audio data of the first recognitioninformation in response to the second recognition information matchingthe stored recognition data.

The aspects of the disclosure discussed herein may also be described andimplemented in the context of computer-readable storage medium storingcomputer-executable instructions. Computer-readable storage mediaincludes computer storage media and communication media. For example,flash memory drives, digital versatile discs (DVDs), compact discs(CDs), floppy disks, and tape cassettes. Computer-readable storage mediamay include volatile and nonvolatile, removable and non-removable mediaimplemented in any method or technology for storage of information suchas computer readable instructions, data structures, modules or otherdata.

It will be appreciated that various implementations of theabove-disclosed and other features and functions, or alternatives orvarieties thereof, may be desirably combined into many other differentsystems or applications. Also that various presently unforeseen orunanticipated alternatives, modifications, variations, or improvementstherein may be subsequently made by those skilled in the art which arealso intended to be encompassed by the following claims.

What is claimed is:
 1. A method for access control to restricted area, comprising: determining a confidence level associated with first recognition information from a first recognition system is below a threshold, wherein the first recognition information corresponds to information on an identity of an individual attempting to access the restricted area; receiving second recognition information from a second recognition system, different from the first recognition system, in response to determining the confidence level; comparing the second recognition information to stored recognition data; transmitting a signal to an access gate to provide access for the individual to the restricted area in response to the second recognition information matching the stored recognition data; and denying the access for the individual to the restricted area in response to the second recognition information not matching the stored recognition data.
 2. The method of claim 1, wherein the first recognition system includes one or more of a facial recognition system, a gait recognition system, or an audio recognition system.
 3. The method of claim 1, wherein the second recognition system includes a mobile device verification system, and wherein the method further comprises: determining a location of a mobile device associated with an authorized personal estimated to correspond to the identity of the individual, wherein the second recognition information includes the location of the mobile device and the stored recognition data includes a location of the restricted area.
 4. The method of claim 1, wherein the second recognition system includes a mobile device verification system, and wherein the method further comprises: transmitting a notification to a mobile device associated with an authorized personal estimated to correspond to the identity of the individual, wherein the second recognition information includes a response to the notification received from the mobile device.
 5. The method of claim 4, wherein the second recognition information further includes one or more of an acknowledgment or denial of the notification, a special response including a password, or a finger print confirmation.
 6. The method of claim 1, wherein the second recognition system includes a card reader system, and wherein the method further comprises: transmitting a second signal to determine a presence of an access card at or near an entrance to the restricted area, wherein the second recognition information includes a response to the second signal, and wherein the access card is associated with an authorized personal estimated to correspond to the identity of the individual.
 7. The method of claim 1, further comprising: updating the stored recognition data to include image data or audio data of the first recognition information in response to the second recognition information matching the stored recognition data.
 8. An access control system for a restricted area, comprising: a memory storing instructions; and a processor coupled with the memory and configured to: determine a confidence level associated with first recognition information from a first recognition system is below a threshold, wherein the first recognition information corresponds to information on an identity of an individual attempting to access the restricted area; receive second recognition information from a second recognition system, different from the first recognition system, in response to determining the confidence level; compare the second recognition information to stored recognition data; transmit a signal to an access gate to provide access for the individual to the restricted area in response to the second recognition information matching the stored recognition data; and deny the access for the individual to the restricted area in response to the second recognition information not matching the stored recognition data.
 9. The access control system of claim 8, wherein the first recognition system includes one or more of a facial recognition system, a gait recognition system, or an audio recognition system.
 10. The access control system of claim 8, wherein the second recognition system includes a mobile device verification system, and wherein the processor is further configured to: determine a location of a mobile device associated with an authorized personal estimated to correspond to the identity of the individual, wherein the second recognition information includes the location of the mobile device and the stored recognition data includes a location of the restricted area.
 11. The access control system of claim 8, wherein the second recognition system includes a mobile device verification system, and wherein the processor is further configured to: transmit a notification to a mobile device associated with an authorized personal estimated to correspond to the identity of the individual, wherein the second recognition information includes a response to the notification received from the mobile device.
 12. The access control system of claim 11, wherein the second recognition information further includes one or more of an acknowledgment or denial of the notification, a special response including a password, or a finger print confirmation.
 13. The access control system of claim 8, wherein the second recognition system includes a card reader system, and wherein the processor is further configured to: transmit a second signal to determine a presence of an access card at or near an entrance to the restricted area, wherein the second recognition information includes a response to the second signal, and wherein the access card is associated with an authorized personal estimated to correspond to the identity of the individual.
 14. The access control system of claim 8, wherein the processor is further configured to: update the stored recognition data to include image data or audio data of the first recognition information in response to the second recognition information matching the stored recognition data.
 15. A computer-readable medium storing instructions executable by a processor, the instructions comprising code to: determine a confidence level associated with first recognition information from a first recognition system is below a threshold, wherein the first recognition information corresponds to information on an identity of an individual attempting to access a restricted area; receive second recognition information from a second recognition system, different from the first recognition system, in response to determining the confidence level; compare the second recognition information to stored recognition data; transmit a signal to an access gate to provide access for the individual to the restricted area in response to the second recognition information matching the stored recognition data; and deny the access for the individual to the restricted area in response to the second recognition information not matching the stored recognition data.
 16. The computer-readable medium of claim 15, wherein the first recognition system includes one or more of a facial recognition system, a gait recognition system, or an audio recognition system.
 17. The computer-readable medium of claim 15, wherein the second recognition system includes a mobile device verification system, and the instructions further comprise code to: determine a location of a mobile device associated with an authorized personal estimated to correspond to the identity of the individual, wherein the second recognition information includes the location of the mobile device and the stored recognition data includes a location of the restricted area.
 18. The computer-readable medium of claim 15, wherein the second recognition system includes a mobile device verification system, and the instructions further comprise code to: transmit a notification to a mobile device associated with an authorized personal estimated to correspond to the identity of the individual, wherein the second recognition information includes a response to the notification received from the mobile device.
 19. The computer-readable medium of claim 18, wherein the second recognition information further includes one or more of an acknowledgment or denial of the notification, a special response including a password, or a finger print confirmation.
 20. The computer-readable medium of claim 15, wherein the second recognition system includes a card reader system, and the instructions further comprise code to: transmit a second signal to determine a presence of an access card at or near an entrance to the restricted area, wherein the second recognition information includes a response to the second signal, and wherein the access card is associated with an authorized personal estimated to correspond to the identity of the individual. 